CVE-2016-0771
N/A
N/A
Summary
The internal DNS server in Samba 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4, when an AD DC is configured, allows remote authenticated users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory by uploading a crafted DNS TXT record.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html
- https://www.samba.org/samba/security/CVE-2016-0771.html
- https://bugzilla.samba.org/show_bug.cgi?id=11128
- https://bugzilla.samba.org/show_bug.cgi?id=11686
- http://www.securityfocus.com/bid/84273
- http://www.ubuntu.com/usn/USN-2922-1
- http://www.debian.org/security/2016/dsa-3514
- http://www.securitytracker.com/id/1035219
References
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html
- https://www.samba.org/samba/security/CVE-2016-0771.html
- https://bugzilla.samba.org/show_bug.cgi?id=11128
- https://bugzilla.samba.org/show_bug.cgi?id=11686
- http://www.securityfocus.com/bid/84273
- http://www.ubuntu.com/usn/USN-2922-1
- http://www.debian.org/security/2016/dsa-3514
- http://www.securitytracker.com/id/1035219
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.